Cybersecurity Industrial Control Systems Engineer | SGInnovate


Singapore University of Technology and Design (SUTD)
8, Somapah Rd, Room No. 2.705, Building 2 Level 7 (near Lobby E), Secure Water Treatment (SWaT) Testbed
Singapore 487372



Cybersecurity Industrial Control Systems Engineer

Presented by SGInnovate and Tegasus International

Are you and your organisation ready to manage and respond to cyber-attacks?

Specially curated with Tegasus International and ST Engineering Cybersecurity Academy, SGInnovate presents a full spectrum of Cybersecurity Workshops in Operational Technology (OT) designed to get you and your organisation ready for impending security threats and vulnerabilities.

These OT courses are structured to align with the key pillars of the Singapore Cybersecurity Strategy. They are tailored to the needs of those working within the 11 Critical Information Infrastructure (CII) sectors in Singapore.

Through this three-day workshop, you will have a deeper understanding of the OT Cybersecurity ecosystem with concepts covering embedded systems, protocols fundamentals, known vulnerabilities discovery, forensic investigation and process exploitation. You will also learn about threats and cyber risks to Industrial Control Systems (ICS) as well as the different types and stages of a cyber attack.

There will be emphasis on real-world use cases and examples, hands-on applications and exercises that are incorporated with realistic scenarios built around operational cyber physical testbeds.

By the end of the course, you will be able to recognise the symptoms of an attack and identify the tools and techniques to investigate possible breaches within the ICS. You should be able to demonstrate a multitude of Cybersecurity techniques including vulnerability assessments, sensor disruption and defence in-depth.

Workshop Overview:
In this course, participants will learn:

  • Basic Cyber Physical Systems (CPS)
  • Cyber risks and security vulnerabilities in CPS
  • Process Control Exploitation
  • Basic networking concepts necessary for active and passive network discovery
  • Network attacks and exploits: different stages of an attack
  • Network defence and incident response

Recommended Prerequisites:

  • Basic understanding of Industrial Control System (ICS), Cyber Physical System (CPS) or Operational Technology (OT)
  • Recommended for individuals working in the Cybersecurity space for at least two (2) years or possess a strong interest in understanding OT Cybersecurity for their organisation

Pre-Workshop Instructions:

  • Laptops will be provided for this workshop

Day 1 (25 August 2020)

Overview of Cyber Physical Systems (CPS)
Basic CPS

  • Overview of CPS: Industrial Control Systems (ICS) with communication network
  • ICS basics including data flow and protocol
  • Hands-on exercise

Cyber Risk and Security Vulnerabilities in CPS

  • Cyber risks to ICS
  • Threat trends for control systems
  • Security Topics: Information Technology (IT) vs Operational Technology (OT)
  • Common vulnerabilities for control systems
  • Case studies: Real-life cyber-attacks
  • Demonstration

Process Control Exploitation

  • Overview of SWaT architecture and demonstration network layout
  • Static multiple point attacker paths and model
  • Demonstration

IT and OT Networks Discovery
Basic Networking Concepts

  • IP address and basic networking
  • NEY and IANA
  • OSI 7-layer model
  • Address Resolution Protocol (ARP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP) and Internet Control Message Protocol (ICMP)
  • Protocol characteristics and relevant threats

Passive Discovery

  • Passive discovery vs active discovery
  • Intelligence gathering tools
  • Tools and techniques for passive discovery
  • Hands-on exercise

Day 2 (26 August 2020)

IT and OT Networks Discovery
Active Discovery

  • Nmap
  • Host Discovery in IT and OT
  • Port scanning and states in IT and OT
  • ICS challenges
  • Introduction to Nessus (vulnerability scanner)
  • Introduction to OpenCAS (Open Vulnerability Assessment System)
  • Exercise

CPS and Network Attacks and Exploits
Discuss the different stages of attacks

  • Attacker profiles, attack stages, tasks and consideration
  • System vulnerabilities and software vulnerability
  • National vulnerability database CVSS
  • Exploit types
  • Attack operations
  • Bypass network controls
  • Hands-on exercise

CPS Attack Surface

  • Metasploit framework
  • Basic exploit process
  • Meterpreter: Useful commands
  • Hands-on exercise

Day 3 (27 August 2020)

Network Defence and Incident Response
CPS Attack Surface

  • Hands-on exercise: Armitage on IT and OT Networks

Security Monitoring and Incident Response

  • Understanding defence-in-depth
  • Intrusion detection / protection system
  • Signature vs anomaly detection
  • Intrusion prevention systems (IPSs) vs Intrusion Detection Systems (IDSs)
  • Incident response plan for CPS
  • Hands-on exercise
  • Assessment

S$2,568 / pax (after GST)

For enquiries, please send an email to

Funding Support

This workshop is eligible for CITREP+ funding.

CITREP+ is a programme under the TechSkills Accelerator (TeSA) – an initiative of SkillsFuture, driven by Infocomm Media Development Authority (IMDA).

*Please see the section on ‘Guide for CITREP+ funding eligibility and self-application process.

Funding Amount:

  • CITREP+ covers up to 90% of your nett payable course fee depending on eligibility for professionals

Please note: funding is capped at $3,000 per course application

  • CITREP+ covers up to 100% funding of your nett payable course fee for eligible students/full-time National Serviceman (NSF)

Please note: funding is capped at $2,500 per course application

Funding Eligibility:

  • Singaporean / PR
  • Meets course admission criteria
  • Sponsoring organisations must be registered or incorporated in Singapore (only for individuals sponsored by organisations)

Please note:

  • Employees of local government agencies and Institutes of Higher Learning (IHLs) will qualify for CITREP+ under the self-sponsored category
  • Sponsoring SMEs organisation applying for up to 90% funding support for course and certification must meet the following criteria as defined here

Claim Conditions:

  • Meet the minimum attendance (75%)
  • Complete and pass all assessments and / or projects

Guide for CITREP+ funding eligibility and self-application process:

For more information on CITREP+ eligibility criteria and application procedure, please click here.

In partnership with:Driven by:


For enquiries, please send an email to

Ivan Lee, Co-founder, Tegasus International

Ivan works with various global strategic partners such as the NATO Cooperative Cyber Defence Centre of Excellence, US Department of Homeland Security ICS-CERT Idaho National Laboratory and local government agencies on critical initiatives and training programmes.

He started his career with Accenture, a top global top IT consulting MNC company and has assumed various tech management roles in the telecommunication, cGMP and Operational Technology sectors regionally. He is the Deputy Director of Cybersecurity Technologies at iTrust, a Centre for Research in Cybersecurity that was established by the Ministry of Defence and Singapore University of Technology and Design (SUTD).

He is also an SUTD Academy Fellow and a member of the Coordinating Committee for Cybersecurity (CCCY), Subcommittee for Critical Information Infrastructure (CII).

He has attended various professional training courses and acquired certifications as listed below:

  • Certified Information Systems Security Professional (CISSP)
  • US Department of Homeland Security ICS-CERT Industrial Control Systems (ICS) Cybersecurity (301)
  • Advanced Penetration Testing, Exploit Writing, Ethical Hacking (SANS)
  • Advanced Course on Darknet and Cryptocurrencies
  • Hands-on Hardware Hacking and Reverse Engineering (Blackhat 2015)
  • Cybersecurity: Technology, Application and Policy (MIT Digital Program)
  • FORENSICS: Reverse-Engineering Malware (SANS)
  • Managing Successful Programmes (MSP) Practitioner, 2014
  • Introduction to Business Process Re-engineering Workshop
  • Live Hacking & Information Security Masterclass
  • Self-Discovery Leadership
  • EC-Council Certified Security Analyst (ECSA), 2013
  • Certified Ethical Hacker (CEH), 2013
  • Project Management Professional (PMP)

Topics: Cybersecurity